CVE-2011-1944
libxmlInvalid 2.7.x - XPath Multiple Memory Corruption Vulnerabilities
Severity Score
9.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
5
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions.
Desbordamiento de entero en xpath.c en libxml2 v2.6.x hasta v2.6.32 y v2.7.x hasta v2.7.8, y libxml v1.8.16 y anteriores, permite a atacantes dependientes del contexto, provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección a través de un archivo XML modificado que provoca un desbordamiento de buffer basado en memoria dinámica cuando se añade un nuevo espacio de nombres al nodo, relacionado con la manipulación de expresiones XPath.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-05-09 CVE Reserved
- 2011-05-31 First Exploit
- 2011-06-16 CVE Published
- 2024-08-06 CVE Updated
- 2024-09-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-189: Numeric Errors
CAPEC
References (22)
| URL | Tag | Source |
|---|---|---|
| http://support.apple.com/kb/HT5281 | X_refsource_confirm |
|
| http://support.apple.com/kb/HT5503 | X_refsource_confirm |
|
| http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html | X_refsource_confirm |
|
| http://www.osvdb.org/73248 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/35810 | 2011-05-31 | |
| http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062238.html | 2024-08-06 | |
| http://www.openwall.com/lists/oss-security/2011/05/31/8 | 2024-08-06 | |
| http://www.securityfocus.com/bid/48056 | 2024-08-06 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=709747 | 2024-08-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.0 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.0" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.1 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.1" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.2 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.2" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.3 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.3" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.4 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.4" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.5 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.5" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.6 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.6" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.7 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.7" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.8 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.8" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.9 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.9" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.11 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.11" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.12 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.12" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.13 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.13" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.14 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.14" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.16 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.16" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.17 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.17" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.18 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.18" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.20 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.20" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.22 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.22" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.26 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.26" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.27 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.27" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.30 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.30" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.6.32 Search vendor "Xmlsoft" for product "Libxml2" and version "2.6.32" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.0 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.0" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.1 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.1" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.2 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.2" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.3 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.3" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.4 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.4" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.5 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.5" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.6 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.6" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.7 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.7" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml2 Search vendor "Xmlsoft" for product "Libxml2" | 2.7.8 Search vendor "Xmlsoft" for product "Libxml2" and version "2.7.8" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | <= 1.8.16 Search vendor "Xmlsoft" for product "Libxml" and version " <= 1.8.16" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.5.0 Search vendor "Xmlsoft" for product "Libxml" and version "1.5.0" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.6.0 Search vendor "Xmlsoft" for product "Libxml" and version "1.6.0" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.6.1 Search vendor "Xmlsoft" for product "Libxml" and version "1.6.1" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.6.2 Search vendor "Xmlsoft" for product "Libxml" and version "1.6.2" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.7.0 Search vendor "Xmlsoft" for product "Libxml" and version "1.7.0" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.7.1 Search vendor "Xmlsoft" for product "Libxml" and version "1.7.1" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.7.2 Search vendor "Xmlsoft" for product "Libxml" and version "1.7.2" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.7.3 Search vendor "Xmlsoft" for product "Libxml" and version "1.7.3" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.7.4 Search vendor "Xmlsoft" for product "Libxml" and version "1.7.4" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.0 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.0" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.1 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.1" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.2 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.2" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.3 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.3" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.4 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.4" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.5 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.5" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.6 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.6" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.7 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.7" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.8 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.8" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.9 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.9" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.10 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.10" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.11 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.11" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.12 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.12" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.13 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.13" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.14 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.14" | - |
Affected
| ||||||
| Xmlsoft Search vendor "Xmlsoft" | Libxml Search vendor "Xmlsoft" for product "Libxml" | 1.8.15 Search vendor "Xmlsoft" for product "Libxml" and version "1.8.15" | - |
Affected
| ||||||